Unrated severityNVD Advisory· Published Feb 5, 2008· Updated Apr 23, 2026
CVE-2008-0486
CVE-2008-0486
Description
Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
33- www.coresecurity.comnvdExploit
- secunia.com/advisories/28779nvdVendor Advisory
- secunia.com/advisories/28801nvdVendor Advisory
- secunia.com/advisories/28918nvdVendor Advisory
- secunia.com/advisories/28955nvdVendor Advisory
- secunia.com/advisories/28956nvdVendor Advisory
- secunia.com/advisories/28989nvdVendor Advisory
- secunia.com/advisories/29141nvdVendor Advisory
- secunia.com/advisories/29307nvdVendor Advisory
- secunia.com/advisories/29323nvdVendor Advisory
- secunia.com/advisories/29601nvdVendor Advisory
- bugs.gentoo.org/show_bug.cginvd
- bugs.xine-project.org/show_bug.cginvd
- lists.grok.org.uk/pipermail/full-disclosure/2008-February/060033.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.htmlnvd
- secunia.com/advisories/31393nvd
- security.gentoo.org/glsa/glsa-200802-12.xmlnvd
- security.gentoo.org/glsa/glsa-200803-16.xmlnvd
- securityreason.com/securityalert/3608nvd
- sourceforge.net/project/shownotes.phpnvd
- www.debian.org/security/2008/dsa-1496nvd
- www.debian.org/security/2008/dsa-1536nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mplayerhq.hu/design7/news.htmlnvd
- www.securityfocus.com/archive/1/487501/100/0/threadednvd
- www.securityfocus.com/bid/27441nvd
- www.ubuntu.com/usn/usn-635-1nvd
- www.vupen.com/english/advisories/2008/0406/referencesnvd
- www.vupen.com/english/advisories/2008/0421nvd
- bugzilla.redhat.com/show_bug.cginvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00395.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00442.htmlnvd
News mentions
0No linked articles in our index yet.